Here’s a piece of dark humor to make everyone laugh a bit...
I’ve been in the blockchain industry for 12 years and have specialized in wallet password recovery for more than 6 years. Logically, after dealing with so many customers who lost their passwords or private keys, I should have strong security awareness and never forget my own passwords — but reality is quite the opposite...
1. How I got into wallet recovery
In a previous article, “My Story with 10 Bitcoins,” I mentioned that I once forgot the password of my Bitcoin Core wallet that contained 12 bitcoins. The password I originally set was 26 characters long, but when recording it, I deliberately made three small errors. Half an hour later, I couldn’t remember what those little errors were.
Because of those three small errors, I ended up being forced to lock my coins for seven years until I finally recovered the wallet in 2020. I sold it in November 2024 at a price of 90,000 USDT, making a 1,000× profit. That experience made me truly appreciate the value of password recovery—and it’s how I entered this field.
2. History repeats itself
(1) The 2014 test wallet
I had another Bitcoin Core wallet with only 0.5 BTC in it. It was a test wallet I used when writing blog posts and academic papers, sending many experimental transactions. After finishing those papers, I forgot about both the wallet and its password. When I successfully recovered the previous wallet in 2020 and was cleaning up my hard drive, I found this one. Because it contained little money and the password was all numbers, I was able to brute-force it quickly with computing power.
(2) Two mobile wallets from 2018
These two mobile wallets also contained small amounts of coins. I had casually set passwords and didn’t record them, so I forgot them over time. The altcoins inside had been worth very little, so I hadn’t bothered to recover them for four or five years. A few months ago, I decided to use them for practice. After extracting data from my phone, I successfully recovered the wallets using combinations of my commonly used passwords. Since the passwords were originally set by me, they fell within my usual password range. Although I had no memory of them, patiently trying different combinations again and again eventually worked.
Of course, if every case were this simple, there’d be nothing to talk about... The things that happened next are truly ridiculous.
3. Absurd mistakes of a “professional”
(1) The 2021 commission wallet
In 2021, I successfully recovered a client’s wallet and took my commission, temporarily storing it in a mobile wallet. Later, I transferred it to another phone and didn’t touch it for two years—only to forget the password. I clearly remembered that I had written down the mnemonic phrase since it’s my usual habit, but I just couldn’t find where I put it. I even wrote a program to search the entire drive for it, but still couldn’t locate the right one. I then extracted data from the phone and ran combinations of my usual passwords for a while, but it still didn’t work. In the spirit of Ah Q’s “spiritual victory method”: forced HODLing brings higher returns. I hadn’t planned to sell anyway, so I decided to just leave it for now.
(2) The 2024 hardware wallet scare
In 2024, I recovered another wallet and stored my commission in a hardware wallet. This device had a top-level secure chip, making chip-level recovery impossible. I did, however, have both the mnemonic and a recorded password. Both had to be correct to restore the wallet. When setting the password, I deliberately added two small “errors,” similar to how I set the Bitcoin Core password for the 12 BTC wallet. A few months later, when I wanted to check on it, I suddenly couldn’t remember what those two errors were!
Falling in the same place twice... I must be getting senile.
The shock immediately drove up my blood pressure. I spent half a day analyzing the encryption mechanism, wrote a recovery program, and ran it overnight—but still didn’t get it. After a sleepless night, I tried more passwords manually the next afternoon when inspiration suddenly struck—I remembered the mistakes! I tried them, and boom, the password worked. What a scare!
(3) The 2025 transit wallet incident
But unexpectedly, the same story happened yet again... In 2025, after successfully recovering a client’s wallet, I stored my commission in a wallet I often use as a transit account. Because it was just a temporary wallet, the password was simple. I planned to process it later, so for safety I casually changed the password in early February, thinking I’d handle it soon, and didn’t record it. Two months later, when I went to deal with it—guess what—I had forgotten the password again!!!
At that point, I just wanted to die... Making the same mistake again and again—how stupid can one be? I tried to start recovery immediately, but even more frustrating things followed...
After some thought, I initiated a four-step recovery plan:
A. Find a wallet backup from before the password change
B. Check if any mnemonic was still saved on the current computer
C. Attempt password recovery
D. Investigate an old SSD boot drive from two years ago that definitely contained pre-change wallet data
4. The recovery process
Following the above recovery plan, I tested each step:
(1) Finding backups before the password change: the backup wipe disaster
I had two laptops and two external drives, with important data backed up on both laptops and one external drive. This wallet should have had four or five backups before the password was changed. As long as I had one of them, recovery would be easy.
But coincidences happen—in late March, shortly before I realized I’d forgotten the password, I bought a high-end new laptop. I cloned one old laptop entirely onto the new one, and after confirming everything worked fine, I thought I had too many redundant backups. Since the new laptop was working perfectly, I decided to reformat the two old machines for other uses. I ended up deleting all four or five backups on the two old laptops and one external drive, repartitioning them, and overwriting the data with large amounts of new files.
The easiest recovery method, which was to use a backup, was completely cut off by myself just days earlier—no backup left at all. I perfectly destroyed every escape route. What self-inflicted disaster is this...?
Usually when I switch to a new laptop, I keep old backups for half a year or more. This time I acted unusually quickly—maybe it was fate.
(2) Searching for mnemonics: failed
I wrote a dedicated program to scan all disks on all computers multiple times, but still didn’t find the right mnemonic. That path was a dead end too.
(3) Password recovery: temporarily frustrated
I listed all my commonly used passwords and ran brute-force attempts for several hours, but unsuccessfully. It seems I must have added some uncommon variations when setting this password. Since I have zero memory of it, it’s unlikely I’ll solve it quickly—but for now, it’s my main strategy moving forward.
(4) SSD recovery: to be studied
Two years ago, one of my SSD boot drives failed. It definitely had the pre-change wallet data. I need to pinpoint the damaged components. If the controller or another chip is dead but the storage chips are intact, data recovery is still possible. If the memory chips are fine, I’d still need to figure out how to read and recombine the data correctly from multiple chips—the combination algorithm isn’t publicly known, so further research and testing are needed.
5. Painful lessons
So far, the two wallets above haven’t been recovered yet—they’re still under rescue attempts. Though I regret it deeply, I’m not panicking. After all, these are my own wallets, set with my own passwords. By experimenting with password patterns and ruling out wrong ones, I’ll likely get them back eventually. And in a sense, this is another form of forced HODLing—if it takes five or ten years, I might sell at a good price. The “spiritual victory method” offers some consolation indeed.
But as someone who does password recovery for a living, forgetting my own wallet passwords again and again is truly unacceptable. I must self-reflect to avoid a fourth fall into the same pit.
Main lessons learned:
(1) Once you’re past fifty, memory declines sharply. Never trust your memory again. Record your passwords truthfully and securely—no more deliberate “errors.”
(2) The mnemonic was probably recorded but not properly saved. Carelessness made it impossible to locate. From now on, I must record and store it carefully.
(3) Eagerly cleaning up old computers by deleting four or five backups and repartitioning them with new data was the biggest mistake. I should have waited at least three to six months after confirming the new laptop was running smoothly.
As a professional password recovery specialist repeatedly falling into the same trap, I suppose this truly is the ultimate dark humor of the crypto world.
